Puppet Vulnérabilités

Chronologie

Taper

Service Management Software	15
Firewall Software	1

Produit

Puppet Enterprise	5
Puppet Master webutil	3
Puppet cisco_ios	2
Puppet Bolt	1
Puppet Firewall Module	1

Contre-mesures

Official Fix	7
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	9

Exploitabilité

High	0
Functional	0
Proof-of-Concept	3
Unproven	0
Not Defined	13

Vecteur d'accès

Not Defined	0
Physical	0
Local	4
Adjacent	2
Network	10

Authentification

Not Defined	0
High	0
Low	9
None	7

Interaction de l'utilisateur

Not Defined	0
Required	1
None	15

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	2
≤5	1
≤6	4
≤7	2
≤8	2
≤9	2
≤10	3

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	2
≤5	1
≤6	4
≤7	2
≤8	2
≤9	2
≤10	3

VulDB

≤1	0
≤2	0
≤3	0
≤4	3
≤5	2
≤6	4
≤7	2
≤8	1
≤9	1
≤10	3

NVD

≤1	0
≤2	0
≤3	0
≤4	1
≤5	1
≤6	0
≤7	1
≤8	3
≤9	1
≤10	3

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	1
≤7	1
≤8	0
≤9	0
≤10	0

Fournisseur

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploiter 0 jour

<1k	2
<2k	6
<5k	8
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter aujourd'hui

<1k	15
<2k	1
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter le volume du marché

🔴 CTI Activités

Affected Products (9): Agent (1), Bolt (1), DB (1), Enterprise (5), Firewall Module (1), PE Client Tools (1), cisco_ios (2), device_manager (1), webutil (3)

Publié	Base	Temp	Vulnérabilité	Prod	Exp	Con	EPSS	CTI	CVE
07/11/2023	7.4	7.3	Puppet Enterprise SAML authentification faible	Service Management Software	Not Defined	Official Fix	0.00091	0.00	CVE-2023-5309
08/06/2023	8.0	7.9	Puppet Enterprise Orchestration Service elévation de privilèges	Service Management Software	Not Defined	Official Fix	0.00235	0.02	CVE-2023-2530
20/07/2022	4.0	3.9	Puppet Bolt divulgation de l'information	Service Management Software	Not Defined	Official Fix	0.00054	0.00	CVE-2022-2394
03/03/2022	5.6	5.6	Puppet Firewall Module Rule elévation de privilèges	Firewall Software	Not Defined	Not Defined	0.00201	0.00	CVE-2022-0675
31/08/2021	5.5	5.5	Puppet Enterprise CSV Export Privilege Escalation	Service Management Software	Not Defined	Not Defined	0.00201	0.00	CVE-2021-27020
21/07/2021	4.6	4.6	Puppet DB SQL Query elévation de privilèges	Service Management Software	Not Defined	Not Defined	0.00104	0.07	CVE-2021-27021
02/10/2018	5.5	5.5	Puppet cisco_ios SSH Session Credentials elévation de privilèges	Service Management Software	Not Defined	Not Defined	0.00044	0.00	CVE-2018-11752
02/10/2018	6.4	6.2	Puppet cisco_ios SSH Connection elévation de privilèges	Service Management Software	Not Defined	Official Fix	0.00060	0.00	CVE-2018-11750
02/10/2018	5.5	5.5	Puppet device_manager Configuration File Credentials elévation de privilèges	Service Management Software	Not Defined	Not Defined	0.00044	0.03	CVE-2018-11748
14/06/2018	6.5	6.3	Puppet PE Client Tools Configuration File elévation de privilèges	Service Management Software	Not Defined	Official Fix	0.00063	0.03	CVE-2018-6516

6 plus d'entrées ne sont pas affichées

🔒 Login Required

You need to signup and login to see more of the remaining 6 results.

◂ PrécédentAperçuSuivant ▸

Interested in the pricing of exploits?

See the underground prices here!